D-Grid AAI

Description

An Authentication and Authorization Infrastructure (AAI) represents an indispensable and complex component of each Grid infrastructure. An AAI is a central framework over which Grid resources, users, and virtual organizations mutually control themselves depending on their policies. For this purpose distributed descriptions of authorization (attributes) and identity (certificates) are usually used. An AAI integrates both certification and directory services and provides protocols for accessing these services. A substantial problem is that almost each Grid middleware configures its own AAI. Linking different Grid middleware requires therefore a simplification and homogenization of the underlying AAIs in order to avoid high and error-prone administrative complexity. Hence, it is necessary to provide tools and services in D-Grid which support the secure use of the D-Grid-infrastructure and help to avoid errors. In this context, the consideration of aspects like mobility and heterogeneity in general as well as the requirements of the simultaneously starting D-Grid-Community-projects in particular is important.

Goal

The fundamental goal of this project is the development of a national and international concept for an AAI in D-Grid as well as the integration of this infrastructure in the context of the D-Grid-Community-projects. Therefore an AAI prototype is developed, with which the interoperable authentication and authorization are evaluated both within the national D-Grid-Communities and in existing European and international co-ordinations. This also implies the integration in European co-ordination structures.

Investors

The project is sponsored by the BMBF. In the project are also involved:

• Fraunhofer SIT
• Research Center Karlsruhe
• The University of Hannover
• The University of Karlsruhe

Contact

Links

• D-Grid project Web site
• Grid Café